That's actually a very small figure in comparison to the vast number of Hotmail users out there, but the list of hacked accounts (it has since been removed from the Pastebin site) reportedly began with the letter A or B and were listed alphabetically. That might indicate that only a small subset of the total number of hacked accounts were posted online, and that the account information for those beginning with letters C through Z may have been posted elsewhere or is simply being traded privately for now.

Impacted accounts involve all of Microsoft's most commonly-used domains: hotmail.com, msn.com, and live.com.

Microsoft confirms that the list is not a hoax and that the account details are genuine. Most seem to involve users residing in Europe, but the company had no information on how the accounts might have been compromised, or whether a security flaw on the Hotmail website was responsible. Poor password selection or an insecure third-party website to which users had provided login information may also be the culprits here.

Naturally, all Hotmail users are advised to change their password and any password-recovery security questions immediately.